REMARKS 

Applicant respectfully requests consideration of the subject application as amended 
herein. This Amendment is submitted in response to the Office Action mailed on June 13, 2007. 
Claims 1-31 are rejected. In this Amendment, claims 1, 2, 14, 17, 19, 23, 24 and 27 have been 
amended to further clarify existing claim limitations. No new matter has been added. No claims 
have been canceled. Therefore, claims 1-31 are presented for examination. 

Allowed Subject Matter 

Applicants thank the Examiner for allowing claims 1-31. 

Rejections under 35 U.S.C. § 112 First Paragraph 

Claims 1-13 and 17-31 stand rejected under 35 U.S.C. § 112, first paragraph, for failing 

to comply with the enablement requirement. 

The current Office Action states: 

The applicant describes how a user is authenticated by the use of 
biometric data and on a record ID. However, the applicant does not describe the 
record ID being a random number. 

(Office Action, 6/13/2007, page 4). 

The applicant respectfully disagrees with the Office Action's assertion. The record ID 

(also referred to as the client ID; see specification, page 14, lines 10-1 1) is described as being a 

random value on page 14, lines 11-13 of the specification, in which the specification states, "for 

one embodiment, the client ID 515 is randomly generated at the time the client registers with the 

authentication server 220." 
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The current Office Action further states: 

Also, the applicant does not describe determining if the user's 
authentication data matches a record ID (random number). 

(Office Action, 6/13/2007, page 4). 

Claims 1 and 7 have been amended to clarify that the authentication data is compared to 
stored data associated with the record ID. Therefore, the authentication server determines if the 
user's authentication data matches stored data associated with the record ID. Language 
supporting this limitation can be found on page 19, lines 12-19 of the specification. 

Finally, the Office Action states: 

The applicant has not shown how a biometric can be authenticated with a 
random value. One of ordinary skill in the art would not be able to determine 
how a biometric feature can be authenticated with a random number. 

(Office Action, 6/13/2007, page 4). 

Applicant would like to point out that neither claim 1 nor claim 17 recite the limitation of 
a biometric. Applicant will assume that Office Action is asserting that "applicant has not shown 
how a user's authentication data can be authenticated with a random value." As amended, 
claims 1 and 17 do not claim authenticating a user's authentication data with a random value. 
Instead, the claims recite, "determining if the user's authentication data matches stored data 
associated with the record ID." This language is explained in the specification with sufficient 
detail to enable one of ordinary skill in the art to practice the claimed invention. For a detailed 
description of one embodiment of the process of authentication, please see Figure 5 and page 14, 
line 7 to page 20, line 3. 

One of ordinary skill in the art, when reading the specification, would be able to 
determine how a user's authentication data can be authenticated. Therefore, the applicant 
respectfully requests that Examiner remove his rejections to claims 1-13 and 17-31 under 35 
U.S.C. § 112, first paragraph. 
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Rejections under 35 U.S.C. § 112 Second Paragraph 

Claims 1-31 stand rejected under 35 U.S.C. § 1 12, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

Claims 1 and 14 were rejected for lack of antecedent basis for the limitation, "the user's 
private key." Claims 1 and 14 have been amended to recite "a user's private key." Thus the 
claims have been amended to provide proper antecedent basis. 

For claims 1 and 17, Examiner stated that it is unclear to the Examiner how a record ID 
being a random number can be authenticated with the user authentication data. As discussed 
above with reference to the 35 U.S.C. § 1 12 First Paragraph rejection, claims 1 and 17 have been 
amended to recite, "determining if the user's authentication data matches stored data associated 
with the record ID." 

Claim 2 was rejected for lack of antecedent basis for the limitation "the private key." 
The claim has been amended to recite "the user's private key," as introduced in claim 1 , claim 2 ! s 
parent claim. Therefore, proper antecedent basis is provided. 

Claims 17, 19, 20 and 27 were rejected for lack of antecedent basis for the limitation "the 
client." Claims 17, 19 and 27 have been amended to include proper antecedent basis. Claim 20 
does not include the limitation "the client," and provides proper antecedent basis for all recited 
limitations. 

Claim 19 was rejected for failure to distinctly claim how a nonce gets to the client, and 
where the nonce is being generated. Claim 19 has been amended to recite, "a nonce generation 
logic in the authentication server to generate a nonce, and to send the nonce to the client, the 
nonce to be included with the user authentication data from the client." Therefore, it should be 
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clear that the nonce generation logic is in the authentication server, and that the nonce is sent to 
the client. Support for this change can be found, for example, in the Specification at page 12, 
lines 3-6. 

Claims 23 and 27 were rejected for lack of antecedent basis for the limitation, "the 
server." Claims 23 and 27 have been amended to recite the limitation "the third party server" 
introduced in the parent claim 17. Therefore, proper antecedent basis is provided. 

Claim 24 was rejected for lack of antecedent basis for the limitation, "the client's 
authentication data." Claim 24 has been amended to recite, "the authentication data," as used in 
its parent claim, claim 17. Therefore, proper antecedent basis is provided. 

Objections to the Claims 

Claims 14 and 17 are objected to because of informalities identified as grammatical 
errors. The grammatical errors have been corrected. 
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Conclusion 



Accordingly, applicant respectfully requests the withdrawal of the rejections and submits 
that pending claims 1-3 1 are in condition for allowance. Applicant respectfully requests 
reconsideration of the application and allowance of the pending claims. 

If the Examiner determines the prompt allowance of these claims could be facilitated by a 
telephone conference, the Examiner is invited to contact Benjamin Kimes at (408) 720-8300. 

Deposit Account Authorization 

Authorization is hereby given to charge our Deposit Account No. 02-2666 for any 
charges that may be due. Furthermore, if an extension is required, then Applicant hereby 
requests such extension. 



Respectfully submitted, 




BLAKELY, SOKOLOFF, TAYLOR 
& ZAFMAN LLP 




Benfamin A. Kimes 
Attorney for Applicant 
Registration No. 50,870 



1279 Oakmead Parkway 
Sunnyvale, CA 94085-4040 
(408) 720-8300 
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